OpenBSD Journal

Small web servers are out there apart from Apache?

Contributed by jose on from the port-80 dept.

Timo Weggen writes :
"I like apache. It can do naything or nothing, whatever you request. But what, if you just demand a low-bandwidth, static-only, http-server running under OpenBSD? It should hopefully be way easier to make that one secure. Does anyone of you now such beast? "
Well, I do know of wn and thttpd . Does anyone have any experiences in long term use of these compared to Apache? Do they fit the bill? Are there others worth looking at?

(Comments are closed)


Comments
  1. By Anonymous Coward () on

    publicfile. http://cr.yp.to/publicfile.html

  2. By Anonymous Coward () on

    were you very tired posting that? :P

  3. By Anonymous Coward () on

    I know the person hosting http://www.packetninja.net/ has been using thttpd for about as long as I can remember and last time I checked he thought it was great.

  4. By Jesper Louis Andersen () jlouis@diku.dk on mailto:jlouis@diku.dk

    There are publicfile by DJB, but the code is a mess and quite unreadable, so that makes it unuseable to me.

    thttpd has had security bugs. Considering this is OpenBSD it might not be the best thing to have had. What do we win by a fast program with errors?

    mathopd is a good one. As far as I know, it has no security bugs and is quite fast. http://www.mathopd.org

  5. By Anonymous Coward () on

    http://www.eterna.com.au/bozohttpd/

    It's all configured on the command line, so even the complexity of configuration files is missing.

    1 .c file, 2111 lines of code. Code isn't a mess. Small enough that you could audit it yourself and feel comfortable with the result.

    If you wanted a small web server that does HTTP 1.1, with minimal functionality, this has got to be a good candidate.

  6. By Matt Liggett () mml@pobox.com on http://pobox.com/~mml

    The code is short, simple and easy to understand. It can do CGI if you want it to. mathopd is shorter still, and thttpd is faster, but boa works for me.

    http://www.boa.org/

  7. By Anonymous Coward () on

    http://www.fefe.de/fnord/

  8. By Anonymous Coward () on

    http://uts.cc.utexas.edu/~foxx/dhttpd/

    old, but simply serves static pages

  9. By Anonymous Coward () on

    I discovered this cute and lightweight server ages ago, precisely because I had decided that Apache was overkill. It's very nice C++ and only does one thing and does it well: it serves documents from /var/www; no CGI support, no home directory escapes; nothing but sending images and text from locations relative to /var/www.

    dhttpd homepage (no longer developped)
    newer version by Debian package maintainer

  10. By John () jhedditc@physics.adelaide.edu.au on http://www.physics.adelaide.edu.au/~jhedditc/

    This is a v. simple, v. secure webserver - I've
    had a look through all of the code and didn't see
    anything, and it's very easy to configure.

  11. By jolan () on

    Apache in -current runs unpriveleged in a chroot environment, which pretty much means that you can only serve static pages.

  12. By Anonymous Coward () on

    You could write a usable HTTP server in a day or two that serves static pages. I know this because I did this. My HTTP server is a commercial product that is quite simple, and does CGI. This did require reading some RFC documents to get to this stage, but that doesn't take long.

  13. By RC () on

    Why does HTTP get used for everything? I understand HTTP/1.0 was simple, but it's rather ineffecient, and doesn't even have basic control messages (you can't tell if a connection ended properly, or got cut off). HTTP/1.1 looses the simplicity aspect as well.

    What I think we need is something like a simlified SMTP (message numbers at the beginning and end of section only). Less overhead means more data going over the lines, quicker.

    At best, HTTP is kludgy. Why can't anyone put together a single simple and effecient protocol? Something to at least challenge HTTP.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]